package com.fire.control.system.config.interceptor;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.web.servlet.HandlerInterceptor;
import org.springframework.web.servlet.ModelAndView;

import com.fire.control.system.config.listener.MyServletContextListener;
import com.fire.control.system.dto.UserDTO;
import com.fire.control.system.statics.Key;
import com.fire.control.system.statics.ResponseMessage;
import com.fire.control.system.support.protocol.comman.ResponseJsonProtocol;
import com.fire.control.system.support.protocol.comman.ResponseProtocol;
import com.fire.control.system.support.util.HttpUtil;
import com.fire.control.system.support.util.StaticValue;


/**
* @ClassName: AppInterceptor
* @Description: TODO(APP拦截器)
* @author wanbo
* @date 2017年6月7日 上午12:50:38
*/
public class AppInterceptor implements HandlerInterceptor {
	
	private static final Logger logger = LoggerFactory.getLogger(AppInterceptor.class);
	
	public String[] excludeUrls = StaticValue.excludeUrls;
	
    @Override
    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)throws Exception {
    	String url = request.getServletPath();
    	//排除URL
        for (String excludeUrl : excludeUrls) {
			if(url.contains(excludeUrl)){
				return true;
			}
		}
    	logger.info("--------->AppInterceptor验证用户合法性(Controller方法调用之前):"+url);
    	
    	
    	
    	String userId = request.getHeader(Key.userId.toString());
    	String authorization = request.getHeader(Key.authorization.toString());
        
    	
    	
        if(StringUtils.isEmpty(userId) || StringUtils.isEmpty(authorization)){
        	HttpUtil.outputJson(response, ResponseMessage.CODE_400.messageToProtocol(new ResponseJsonProtocol()).toString());
        	return false;
        }
        
        
        
        /***********************虚拟登入信息 start****************
        {
        	MyServletContextListener.redisService.set(Key.redis_key_lora_token_user_id_+userId, authorization, 5);
        }
        ***********************虚拟登入信息 end*****************/
        
        
        
        //验证token
        String dbToken = MyServletContextListener.userService.getUserToken(userId);
        if(!authorization.equals(dbToken) && StringUtils.isNotEmpty(dbToken)){
        	ResponseProtocol protocol = new ResponseJsonProtocol();
        	ResponseMessage.CODE_401.messageToProtocol(protocol).setMessage("账户在另一端登入");
        	HttpUtil.outputJson(response, protocol.toString());
        	return false;
        }
        
        
        //验证用户
        UserDTO user = MyServletContextListener.userService.getUserInfo(userId);
        if(user!=null && StringUtils.isNotEmpty(user.getUserId())){
        	return true;
        	//测试阶段放开权限验证
        	/*boolean b = MyServletContextListener.resourceService.getResourcesApp(user.getUserId());
        	if(b){
        		return true;
        	}else{
        		HttpUtil.outputJson(response, ResponseMessage.CODE_401.messageToProtocol(new ResponseJsonProtocol()).toString());
            	return false;
        	}*/
        }else{
        	ResponseProtocol protocol = new ResponseJsonProtocol();
        	ResponseMessage.CODE_DEFINED.messageToProtocol(protocol).setMessage("用户不存在");
        	HttpUtil.outputJson(response, protocol.toString());
        }
        
        return false;
    }
    
    @Override
    public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
    	
    }

    @Override
    public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex)throws Exception {
        
    }

}